CVE-2025-71115

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

um: init cpu_tasks[] earlier

This is currently done in uml_finishsetup(), but e.g. with KCOV enabled we'll crash because some init code can call into e.g. memparse(), which has coverage annotations, and then the checks in check_kcov_mode() crash because current is NULL.

Simply initialize the cpu_tasks[] array statically, which fixes the crash. For the later SMP work, it seems to have not really caused any problems yet, but initialize all of the entries anyway.

EPSS Score: 0.00108 (0.014)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Use of Uninitialized Resource


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in